/** * Saves capability changes to roles. * * @param string $role_name Role name to change its capabilities * @param array $caps New capabilities for the role. * @return void */ private function saveRoleCapabilities($role_name, $caps, $level) { $this->generateNames(); $role = get_role($role_name); // workaround to ensure db storage of customizations to bbp dynamic roles $role->name = $role_name; $stored_role_caps = !empty($role->capabilities) && is_array($role->capabilities) ? array_intersect($role->capabilities, array(true, 1)) : array(); $old_caps = array_intersect_key($stored_role_caps, $this->capabilities); $new_caps = is_array($caps) ? array_map('intval', $caps) : array(); $new_caps = array_merge($new_caps, ak_level2caps($level)); // Find caps to add and remove $add_caps = array_diff_key($new_caps, $old_caps); $del_caps = array_diff_key($old_caps, $new_caps); if (!($is_administrator = current_user_can('administrator'))) { unset($add_caps['manage_capabilities']); unset($del_caps['manage_capabilities']); } if ('administrator' == $role_name && isset($del_caps['manage_capabilities'])) { unset($del_caps['manage_capabilities']); ak_admin_error(__('You cannot remove Manage Capabilities from Administrators', $this->ID)); } // Add new capabilities to role foreach ($add_caps as $cap => $grant) { if ($is_administrator || current_user_can($cap)) { $role->add_cap($cap); } } // Remove capabilities from role foreach ($del_caps as $cap => $grant) { if ($is_administrator || current_user_can($cap)) { $role->remove_cap($cap); } } }
/** * Saves capability changes to roles. * * @param string $role_name Role name to change its capabilities * @param array $caps New capabilities for the role. * @return void */ private function saveRoleCapabilities($role_name, $caps, $level) { $this->cm->generateNames(); $role = get_role($role_name); // workaround to ensure db storage of customizations to bbp dynamic roles $role->name = $role_name; $stored_role_caps = !empty($role->capabilities) && is_array($role->capabilities) ? array_intersect($role->capabilities, array(true, 1)) : array(); $old_caps = array_intersect_key($stored_role_caps, $this->cm->capabilities); $new_caps = is_array($caps) ? array_map('boolval', $caps) : array(); $new_caps = array_merge($new_caps, ak_level2caps($level)); // Find caps to add and remove $add_caps = array_diff_key($new_caps, $old_caps); $del_caps = array_diff_key($old_caps, $new_caps); $changed_caps = array(); foreach (array_intersect_key($new_caps, $old_caps) as $cap_name => $cap_val) { if ($new_caps[$cap_name] != $old_caps[$cap_name]) { $changed_caps[$cap_name] = $cap_val; } } $add_caps = array_merge($add_caps, $changed_caps); if (!($is_administrator = current_user_can('administrator'))) { unset($add_caps['manage_capabilities']); unset($del_caps['manage_capabilities']); } if ('administrator' == $role_name && isset($del_caps['manage_capabilities'])) { unset($del_caps['manage_capabilities']); ak_admin_error(__('You cannot remove Manage Capabilities from Administrators', $this->cm->ID)); } // Add new capabilities to role foreach ($add_caps as $cap => $grant) { if ($is_administrator || current_user_can($cap)) { $role->add_cap($cap, $grant); } } // Remove capabilities from role foreach ($del_caps as $cap => $grant) { if ($is_administrator || current_user_can($cap)) { $role->remove_cap($cap); } } if (is_multisite() && is_super_admin() && 1 == get_current_blog_id()) { if (!($autocreate_roles = get_site_option('cme_autocreate_roles'))) { $autocreate_roles = array(); } $this_role_autocreate = !empty($_REQUEST['cme_autocreate_role']); if ($this_role_autocreate && !in_array($role_name, $autocreate_roles)) { $autocreate_roles[] = $role_name; update_site_option('cme_autocreate_roles', $autocreate_roles); } if (!$this_role_autocreate && in_array($role_name, $autocreate_roles)) { $autocreate_roles = array_diff($autocreate_roles, array($role_name)); update_site_option('cme_autocreate_roles', $autocreate_roles); } if (!empty($_REQUEST['cme_net_sync_role'])) { // loop through all sites on network, creating or updating role def global $wpdb, $wp_roles, $blog_id; $blog_ids = $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs} ORDER BY blog_id"); $orig_blog_id = $blog_id; $role_caption = $wp_roles->role_names[$role_name]; $new_caps = is_array($caps) ? array_map('boolval', $caps) : array(); $new_caps = array_merge($new_caps, ak_level2caps($level)); $admin_role = $wp_roles->get_role('administrator'); $main_admin_caps = array_merge($admin_role->capabilities, ak_level2caps(10)); foreach ($blog_ids as $id) { if (1 == $id) { continue; } switch_to_blog($id); $wp_roles->reinit(); if ($blog_role = $wp_roles->get_role($role_name)) { $stored_role_caps = !empty($blog_role->capabilities) && is_array($blog_role->capabilities) ? array_intersect($blog_role->capabilities, array(true, 1)) : array(); $old_caps = array_intersect_key($stored_role_caps, $this->cm->capabilities); // Find caps to add and remove $add_caps = array_diff_key($new_caps, $old_caps); $del_caps = array_intersect_key(array_diff_key($old_caps, $new_caps), $main_admin_caps); // don't mess with caps that are totally unused on main site // Add new capabilities to role foreach ($add_caps as $cap => $grant) { $blog_role->add_cap($cap, $grant); } // Remove capabilities from role foreach ($del_caps as $cap => $grant) { $blog_role->remove_cap($cap); } } else { $wp_roles->add_role($role_name, $role_caption, $new_caps); } restore_current_blog(); } $wp_roles->reinit(); } } // endif multisite installation with super admin editing a main site role }
/** * Saves capability changes to roles. * * @param string $role_name Role name to change its capabilities * @param array $caps New capabilities for the role. * @return void */ private function saveRoleCapabilities($role_name, $caps, $level) { $this->generateNames(); $role = get_role($role_name); $old_caps = array_intersect_key($role->capabilities, $this->capabilities); $new_caps = is_array($caps) ? array_map('intval', $caps) : array(); $new_caps = array_merge($new_caps, ak_level2caps($level)); // Find caps to add and remove $add_caps = array_diff_key($new_caps, $old_caps); $del_caps = array_diff_key($old_caps, $new_caps); if (!current_user_can('administrator')) { unset($add_caps['manage_capabilities']); unset($del_caps['manage_capabilities']); } if ('administrator' == $role_name && isset($del_caps['manage_capabilities'])) { unset($del_caps['manage_capabilities']); ak_admin_error(__('You cannot remove Manage Capabilities from Administrators', $this->ID)); } // Add new capabilities to role foreach ($add_caps as $cap => $grant) { $role->add_cap($cap); } // Remove capabilities from role foreach ($del_caps as $cap => $grant) { $role->remove_cap($cap); } }